Authorized access to vehicle data

ABSTRACT

Disclosed in some examples are methods, systems, and machine readable mediums which provide for controlled access of vehicle information by trusted authority systems. These systems may allow for police and other authority figures to utilize the onboard systems of the vehicle or obtain other information about the vehicle and occupants while safely in their own vehicles prior to an initial encounter with the vehicle and occupants.

PRIORITY

This application is a continuation of U.S. application Ser. No.14/124,450, filed Jun. 4, 2014, which claims the benefit of priority toU.S. National Stage Application under 35 U.S.C. 371 from InternationalApplication No. PCT/US2013/056016, filed Aug. 21, 2013, all of which arehereby incorporated by reference in their entirety.

COPYRIGHT NOTICE

A portion of the disclosure of this patent document contains materialthat is subject to copyright protection. The copyright owner has noobjection to the facsimile reproduction by anyone of the patent documentor the patent disclosure, as it appears in the Patent and TrademarkOffice patent files or records, but otherwise reserves all copyrightrights whatsoever. The following notice applies to the software and dataas described below and in the drawings that form a part of thisdocument: Copyright Intel, Inc., All Rights Reserved.

BACKGROUND

Police and other authority figures are placed in dangerous situationsevery day, which may be caused in part by a lack of complete situationalawareness. For example, when a police officer stops a car at the side ofthe road, the police officer may be able to ascertain information on theowner of the car based upon the car's license plate, but may not knowwho is actually driving the car or what is happening in the car untilthey approach the car. Once the officer approaches the car, the officeris in a vulnerable situation. This may lead to the poor relationsbetween the officer and the occupants as the officer is naturallysuspicious and cautious and the occupants may take offense to theofficer's suspicious demeanor.

BRIEF DESCRIPTION OF THE DRAWINGS

In the drawings, which are not necessarily drawn to scale, like numeralsmay describe similar components in different views. Like numerals havingdifferent letter suffixes may represent different instances of similarcomponents. The drawings illustrate generally, by way of example, butnot by way of limitation, various embodiments discussed in the presentdocument.

FIG. 1 is an illustration of an example scenario in which the presentdisclosure may be applicable according to some examples.

FIG. 2 is another illustration of an example scenario in which thepresent disclosure may be applicable according to some examples.

FIG. 3A is another illustration of an example scenario in which thepresent disclosure may be applicable according to some examples.

FIG. 3B is another illustration of an example scenario in which thepresent disclosure may be applicable according to some examples.

FIG. 4 is a message sequence chart showing data transfer from a dataauthority to a trusted authority system according to some examples ofthe present disclosure.

FIG. 5 shows a flowchart of a method of retrieving data from a dataauthority according to some examples of the present disclosure.

FIG. 6 shows an example of a method of providing data to a trustedauthority by a data authority according to some examples of the presentdisclosure.

FIG. 7 shows an example schematic of a trusted authority according tosome examples of the present disclosure

FIG. 8 shows an example schematic of a data authority according to someexamples of the present disclosure.

FIG. 9 is a block diagram of a machine in the example form of acomputing device within which instructions, for causing the machine toperform any one or more of the methodologies discussed herein, may beexecuted.

DETAILED DESCRIPTION

In the case of a traffic stop, if the officer has additional informationon the occupants of the vehicle and any possible threats therein, theofficer may be better prepared for the situation in the vehicle. If thevehicle is not a threat, the officer may be friendlier to the occupants,which may improve relations.

Disclosed in some examples are methods, systems, and machine readablemediums which provide for controlled access of vehicle information bytrusted authority systems. These systems may allow for police and otherauthority figures to utilize the onboard systems of the vehicle orobtain other information about the vehicle and occupants while safely intheir own vehicles prior to an initial encounter with the vehicle andoccupants.

In some examples a trusted authority system may be a computing systemutilized by an authorized individual in accordance with official publicduties. For example, a computing system of a police vehicle, a firevehicle, an ambulance, or the like. In some examples, the trustedauthority system may be a computer system integrated into a vehicle. Thetrusted authority system may communicate with a data authority systemwhich may provide information to the trusted authority about the vehicleand/or its occupants.

In some examples, the data authority may be a computing systemintegrated with, or onboard a civilian or other vehicle. In some ofthese examples, the data authority system and the trusted authoritysystem may communicate with each other through point to point wirelesscommunication. For example, the trusted authority and the data authoritymay communicate using one or more wireless communication protocols suchas a point to point cellular protocol, a point to point wireless localarea network (WLAN) protocol such as a Wi-Fi Direct® protocol operatingin accordance with one or more Institute for Electrical and ElectronicsEngineers (IEEE) 802.11 standards such as 802.11n-2009, a Bluetooth®protocol such as a Bluetooth protocol complying with version 4.0, aZigbee® protocol, a Near Field Communication (NFC) protocol, or thelike. In other example, the trusted authority and the data authority maycommunicate through a network which may be accessed in a variety ofwired and non-wired ways. In still yet other examples, the trustedauthority and the data authority may each communicate with anintermediate server over a network. In these examples, the dataauthority may be considered to encompass both the computing componentsintegrated with, or proximate to the vehicle that collects the dataabout the vehicle and its occupants and portions of the intermediateserver. The data authority may send data to the intermediary who mayauthenticate and provide the data to the trusted authority.

The data authority system may collect and store data from variousintegrated systems aboard the vehicle to provide this data to a trustedauthority system. Example data collected may include video or stillimages from on-board cameras, backup cameras, car data such as speeddata, direction data, global positioning system data, seat sensor data(e.g., most cars come equipped with sensors to detect whether apassenger is present for airbag deployment), window states (e.g.,open/close), glove box states (opened or closed), door status (open,closed, locked, unlocked), status of various information andentertainment devices (e.g., radios, movie players), and the like. Thedata authority system may collect this information at the time ofrequest by the trusted authority system, or may collect this dataautomatically, storing it for a period of time. For example the dataauthority system may log this data for the last 5 minutes, the lasthour, the last day, the last week, or the like. In other examples, thedata authority may not store the data, but may transmit the data to anintermediary server, which may store the data for a predetermined periodof time.

The data authority system may also communicate with other systems in thecar not integrated into the car itself. For example, government issuedidentification cards such as a driver's license may contain near fieldcommunications (NFC) technologies such as Radio Frequency Identification(RFID) tags. The vehicle may be equipped with a Near Field Communication(NFC) reader that may extract an identification number from theidentification card. The data authority system may then identify to thetrusted authority system the identification numbers of the occupants ofthe vehicle. The trusted authority may then utilize the identificationnumbers to lookup the names and criminal histories of the vehicleoccupants. Another example would be insurance cards equipped with NFCcommunications technologies. The data authority may collect informationon the insurance status of the vehicle and provide insurance informationto the trusted authority. In yet other examples, the insurance card mayinclude contact information (e.g., a Uniform Resource Locator (URL),Uniform Resource Identifier (URI), or other identifier) and accountinformation and either the data authority or the trusted authority mayutilize the contact information and the account information (or thevehicle information—such as license plate) to contact the insurancecompany (or a third party authorized by the insurance company) todetermine coverage status.

Additional external devices that the vehicle may connect to include oneor more personal computing devices such as smartphones, cellular phones,tablet computers, laptop computers, or the like. The vehicle may providedata about these devices to the trusted authority. For example, if thedevices are on, whether the devices are currently engaged incommunications such as making a phone call, or the like.

FIG. 1 is an illustration of an example scenario 1000 in which thepresent disclosure may be applicable according to some examples. Policecar 1020 has vehicle 1010 pulled over onto the side of the road. Whilethe police officer is still in the safety of his or her vehicle 1020,the trusted authority system in the police car 1020 may wirelesslycommunicate with a data authority inside vehicle 1010 to obtaininformation about the vehicle's occupants, the various systems of thevehicle 1010 and the like.

FIG. 2 is another illustration of an example scenario 2000 in which thepresent disclosure may be applicable according to some examples. Policecar 2010 is driving in traffic surrounded by cars 2020-2040. Police car2010 may communicate with proximate vehicles 2020-2040 to gatherinformation regarding the vehicles, such as license plate information.For example, police cars often have license plate scanning systems thatallow it to scan license plates of cars that are in a line of site withthe scanning device (e.g., car 2020). This allows the police cars tofind stolen cars, cars owned by individuals wanted by the authoritiesand the like. These systems are limited to situations in which thesystem may see a license plate and are based on sometimes inaccurateoptical character recognition techniques.

Instead of or in addition to these systems, in some examples, thetrusted authority in the police car 2010 may wirelessly communicateusing a short range wireless communication technology with cars2020-2040 to determine their license plate numbers. The data authorityin the car 2020-2040 may store the license plate number of the car, ormay determine the license plate numbers from RFID or other short rangecommunications with the license plates themselves and then provide it tothe police car 2010 upon request. In some examples, this may be donewithout the knowledge of the occupants of the vehicles 2020-2040 (as alicense plate number is public information).

FIG. 3A is another illustration of an example scenario in which thepresent disclosure may be applicable according to some examples. FIG. 3Ashows a variant of the situation in FIG. 2. In the example of FIG. 3A,instead of a police car, the trusted authority is a stationary system3010. Cars 3020-3030 pass stationary system 3010 and communicate licenseplate information to stationary system 3010. In some examples, a networkof stationary systems 3010 may be setup which may relay license plate,or any other collected information to central computing systems 3050over network 3040. Network may be or include portions of a Wide AreaNetwork (WAN), Local Area Network (LAN), cellular network, WirelessLocal Area Network (WLAN), or the like. The central computing systems3050 may determine one or more vehicles of interest and forward thisinformation to police or emergency services dispatch. Central systems3050 may also determine speed of the vehicle based the time it takes acar to travel between two stationary systems 3010 and the known distancebetween the stations.

FIG. 3B is another illustration of an example scenario in which thepresent disclosure may be applicable according to some examples. FIG. 3Bshows another variant of the examples provided in FIG. 1. In thisexample, the data authority may be comprised of portions on vehicle 3110and server 3150. The data authority may transfer sensor data (eitherperiodically as the vehicle is in motion, or when requested by thetrusted authority) to server 3150 over network 3140. Vehicle 3110 mayaccess network 3140 over any data connection, but in some examples,access may be a wireless link 3130 (e.g., a cellular connection, orother long range link). Similarly, authority system 3120 may contactserver 3150 over network 3160. This connection too may be via a wirelesslink 3170. Networks 3160 and 3140 may be the same network, may bedifferent networks, or may include portions of each other.

Other scenarios are contemplated, including the use of data authoritysystems communicating with other data authority systems to determineslow traffic conditions ahead, an accident situation, convey weatherinformation, or the like. In an example, after an accident, the dataauthority may contact nearby vehicles to ascertain the identities ofpossible witnesses and may even request the sensor data of those witnessvehicles, and/or request that they store their sensor data for a periodof time.

While described herein that the data authority provides data to thetrusted authority, in other examples, the trusted authority may providedata to the data authority. For example, administrative information suchas car tax information, car insurance certificates, car registrationinformation, or the like may be “pushed” to the data authority by thetrusted authority. For example, when the car registration payment ismade, the trusted authority (which may be located in an administrativeoffice) may push the payment details to the data authority. Thisinformation may then be queried by another trusted authority (e.g., apolice stop) at a later time. In yet other examples, the trustedauthority may communicate with the data authority to collect taxes,registration, and other administrative fees and expenses. For example,the trusted authority may send a virtual “bill” to the data authority.The data authority may then send payment details to the trustedauthority. The trusted authority, once payment is verified, may sendverification to the data authority.

Data security may be employed to protect this data both in storage onthe data authority and in transit to the trusted authority. To securelystore this data, the data may be encrypted with a public key of the dataowner. The data may only be decrypted by the owner's private key. If theuser gives permission to send data to the trusted authority, the datamay be decrypted with the private key, and then re-encrypted with adifferent key, such as the trusted authority's public key, for over theair transfer. The trusted authority may then decrypt this informationusing its private key. In order for the trusted authority to verify thatthe data is indeed coming from the data authority of the subjectvehicle, the data authority may digitally sign the message containingthe data, or a portion of the message by calculating a checksum of themessage and encrypting the checksum with the user's private key. Thetrusted authority may then independently compute the checksum of thedata and by utilizing the data authority's public key, the trustedauthority may decrypt the checksum sent by the data authority. If thechecksum calculated by the trusted authority matches the checksumprovided by the data authority, then the trusted authority knows thatthe message was sent by the data authority (as only the data authority'spublic key may decrypt the checksum) and that the message was notaltered (as the checksum must match).

In some examples, the trusted authority and the data authority mayutilize a certificate authority and digital certificates to exchangeencryption keys. In some examples, this may be accomplished by utilizinga network connection such as a network connection provided by a longrange wireless link. For example, the license plate on the vehicle inwhich the data authority is located may serve as, or part of, aUniversal Resource Identifier (URI). The trusted authority may send thisURI to a certificate authority using a network connection to obtain thevehicle's public key for use in verifying the digital signature of thedata and for encrypting other communications to the data authority.

The data authority may also utilize a certificate authority to obtainthe public key of the trusted authority. For example, the data authoritymay utilize a URI provided by the trusted authority, a URI that comespreinstalled on the data authority (and which may be updatable), alicense plate number of the trusted authority, or the like to requestthe public key of the trusted authority. The certificate authority maymaintain a list of URIs which correspond to trusted public authorities.If an intruder impersonates the URI of a trusted authority, they willnot be able to decrypt the communications from the data authority unlessthey also steal the private key of the trusted authority. Additionally,URIs not recognized as trusted authorities will not return a successfulpublic key from the certificate authority. Thus, if messages from thetrusted authority are successfully decrypted, the data authority mayhave a level of confidence that the trusted authority is a legitimatetrusted authority (as opposed to an unauthorized eavesdropper).

In addition to being protected while stored and protected in transit,the data may be subject to strict access and usage controls. Forexample, various permission based checks may be utilized to control theinitial data access and Digital Rights Management (DRM) may be utilizedto control the data after the data is sent. For example, sophisticatedrules may be setup by the user which controls access and privileges forthe trusted authority. These rules may specify what actions the dataauthority is to take based upon the requested access level. Users maysetup rules such that all requests for certain data types may beallowed, denied, or at the time of request the system may prompt theuser. Further granular control may be introduced by allowing the user tospecify DRM controls on how the information may be used by the trustedauthority. Example access permissions may include presentation rights,storage rights, rights to retransmit the data to other systems, and thelike. These permissions may be additive—e.g., the right to store mayinclude the right of presentation, the right of retransmission mayinclude storage and presentation. In other examples, these rights may beindependent—that is, an explicit grant may be needed for each proposedusage. An example rule may take the form:

-   if the trusted authority asks for <data type> with rights to    <view|store|retransmit|modify> then <grant deny|prompt>

These rules may apply per vehicle and may be setup by the owner of thevehicle. These rules may apply regardless of who is in the car or who isdriving. In other examples, a set of these rules may form a profile, andeach driver of the vehicle may have a profile. In these examples, thevehicle may identify the driver by communication with NFC chips in thedriver's license of the driver, through user input, or otheridentification means. The data authority may utilize the profile of thedriver to determine the access rules and conditions. In other examples,other occupants may create profiles or rules pertaining to theirpersonal data (e.g., identity from their driver's license).

The use of DRM may alleviate user privacy fears, such as the fear thatthe information may be used against them in a court of law. In addition,the DRM may be utilized to prevent modifications to the data in theevent the data is recorded. As already noted, the data authority and thetrusted authority may negotiate a level of access granted to the dataauthority for the data based upon user permissions.

FIG. 4 is a message sequence chart showing data transfer from a dataauthority to a trusted authority system according to some examples ofthe present disclosure. At operation 4005 the trusted authority systemmay establish a communication connection with a data authority. Forexample, various Bluetooth or Wi-Fi messaging which establishes acommunication session between the trusted authority system and the dataauthority may be sent. In other examples, the trusted authority systemmay contact the data authority over a network. In these examples, alocation register may be utilized that stores a record of a current IPaddress of a data authority for the vehicle. For example, the dataauthority may have an Internet Protocol (IP) address associated with itas the result of a long range wireless link. The data authority mayperiodically report to the location register a unique identifier (e.g.,Vehicle Identification Number (VIN), license plate number, URI, or thelike) and its current IP address. The trusted authority system may thencontact the location register and supply the unique identifier. Thelocation register may then supply the IP address which the trustedauthority system may then use to contact the data authority. In someexamples, the data authority may be, or report to, a central serverwhich may store data reported by various vehicles. To identify thevehicle of interest to the central server, the trusted authority systemmay utilize a license plate number or other identifier of the vehiclesuch as an embedded RFID tag of the vehicle, Vehicle IdentificationNumber (VIN) of the vehicle, or the like.

Once the communication session is set up, at operation 4010, the trustedauthority system may send a discovery message to the data authority todetermine if the data authority is available to send data to the trustedauthority system. This discovery message may be sent after anyconnection and synchronization messaging necessary in order to establishany connections utilizing a wireless communication protocol such asBluetooth or Wi-Fi. At operation 4020, the data authority may respondwith an indication of whether or not the data authority is available tosend data. In some examples, the availability response may indicate theavailable types of data (e.g., which sensor data is available). Thetrusted authority system may then send an access request 4030 which mayrequest access to one or more data items stored by or obtainable by thedata authority. The access request 4030 may specify a requested a levelof access to the data items (e.g., display, store, retransmit, or thelike). In some examples the access request message may contain an URI ofthe trusted authority system. The data authority may then utilize theURI of the trusted authority system to obtain the trusted authoritysystem's digital certificate containing its public key. In someexamples, the digital certificate may be obtained over a wireless link(e.g., a cellular link).

The certificate authority may provide public keys corresponding to thedata authority and the trusted authority system. This may assist thedata authority in verifying the identity of the trusted authority andvice versa. In some examples, there may be a separate class of URIsreserved for public authorities. These URIs may be made available toonly trusted authorities and no-one else. The data authorities (e.g.,the vehicle systems) may submit a request to the certificate authoritywhich indicates that this is a request by a trusted authority system.The certificate authority may check to make sure that the URI providedis one of the issued URIs for authority vehicles. If the URI is valid,the certificate authority may return the digital certificate. If the URIis not valid, an error may be returned. If an error is returned, thedata authority may not respond to any more messages from the trustedauthority system until a valid URI is given. Since the returned publickey is a legitimate trusted authority public key, and as long as thetrusted authority private keys are protected, only a legitimate trustedauthority may access the data as only the trusted authority private keymay decrypt information encrypted with the trusted authority's publickey.

In some examples, the data authority may also include a GlobalPositioning System (GPS) coordinate of the data authority in the digitalcertificate request to the certificate authority. The certificateauthority may then have a geofence in which the particular trustedauthority URI is allowed to operate (e.g., the jurisdiction of thetrusted authority). If the URI is valid, but not in the correctgeofence, the certificate authority may deny the request and the dataauthority may ignore requests from the trusted authority until a validURI for that location is submitted. This may prevent trusted authoritysystems from operating outside their jurisdictional limits. For example,a New York City police officer operating in California would not be ableto access data authorities from California drivers in California.

The data authority may respond with an access response 4040, includingthe level of access (DRM) that the data authority is willing to grantfor the data items. The response may also include the URI of the dataauthority which may enable the trusted authority system to obtain adigital certificate to encrypt any data items sent to the dataauthority. The access response may be encrypted with the public key ofthe trusted authority system as obtained from the certificate authority.Only the actual owner of the private key corresponding to the public keyused to encrypt the message will be able to view the contents of themessage. Since the private keys of the trusted authorities should onlybe in the hands of authorized systems, those authorized systems will bethe only systems able to decrypt further messages from the dataauthority. In the same way that the data authority utilized thecertificate authority, the trusted authority may utilize the certificateauthority in order to assure that it is communicating with a valid dataauthority for the correct vehicle. For example, the license platenumber, vehicle identification number, or other identification of thevehicle may be utilized to obtain the private key of the data authority.Since the public key is tied to a physical identifier, the trustedauthority may have some confidence that the data provided is legitimate.

If the trusted authority system agrees to the access level provided, thetrusted authority system may then request access to the data items usinga request message 4050. The request message may be encrypted with thedata authority's public key. Only the data authority may view thismessage by decrypting it with the data authority's private key. In someexamples, the message may be also digitally signed with the trustedauthority's private key. If the data authority is able to decrypt thisdigital signature using the public key of the trusted authority system,then the data authority may have confidence that the trusted authoritysystem sent the particular message.

The request message 4050 may request data items once (e.g., status) ormay request a stream of data items (e.g., video stream, a stream ofsensor data that updates to reflect current values, or the like). If therequest message is properly authenticated, the data authority mayencrypt the data items and begin sending them (in some examples,streaming them) to the trusted authority system at 4060.

In some examples, the data authority system may ask permission from thevehicle occupants prior to approving the request from the trustedauthority system. As already noted, the data authority system may allowthe vehicle owner to setup a profile which describes the particular dataitems collected and gives the owner the option of allowing access,allowing limited access, prompting the occupants, or denying access.

In some examples, prior to sending the data streams 4060 the dataauthority may gather the sensor data. For example the data authority mayquery short range wireless sensors in driver's licenses, insurancecards, or the like. The data authority may also query other sensors inthe car, turn on cameras, turn on voice recorders, or the like.

Turning now to FIG. 5 a method 5000 of a retrieving data from a dataauthority performed by a trusted authority computing system is shown. Atoperation 5010 the trusted authority computing system may authenticatethe operator. For example, the trusted authority system may require usercredentials to ensure that only authorized users will have access to thedata and capabilities of the trusted authority computing system. In someexamples, the user credentials may include a username/password,biometric data, a challenge question and response, a physical accesscard, or any other method of authentication.

Once the user of the trusted authority system is authenticated, atoperation 5015, the user of the trusted authority computing system mayconnect to a data authority system. For example, the data authority maydiscover and connect via BLUETOOTH, or some other short range wirelessprotocol, to the data authority. In other examples, the trustedauthority may discover an IP address of the data authority and connectover a network. For example, the trusted authority may contact alocation register to obtain an IP address of the data authority. Thetrusted authority may then contact the data authority using a networkconnection. For example, both the trusted authority and the dataauthority may be connected to a network (e.g., the Internet) overseparate long range wireless connections. Once the trusted authority isconnected to the data authority, the trusted authority may initiate adata authority discovery process at operation 5020 to ensure that thedata authority is valid and communicating. At operation 5025 the trustedauthority may receive a response, which may include the data that isavailable to the trusted authority. The available data types may bedisplayed to the authority figure for selection. At operation 5027 thetrusted authority may receive the selection of the data types theauthority figure is interested in obtaining.

Once the data authority is discovered, the trusted authority computingsystem may send an access request at operation 5030 specifying the oneor more data items that the authority figure wishes to access and thedesired access level. This access request may include a URI or otheridentifier of the trusted authority to enable the data authority toproperly encrypt any response by locating the proper encryption keys.

At operation 5040, the trusted authority may receive the access responseand process it. For example, the trusted authority may decrypt theaccess response. In some examples the message may specify the availabledata and the DRM restrictions. The message may also include a URI of thedata authority. The trusted authority may then contact a certificateauthority to get a public key for this data authority. The informationon the available data may be displayed to the authority figure forreview. The authority figure may then choose which data to request. Atoperation 5050, the trusted authority may then request the chosen data.This message may be encrypted with the data authority's public key. Atoperation 5060, the data may then be received from the data authority.This data may be encrypted by the data authority, and thus may need tobe decrypted using the public authority computing system's private key.The trusted authority may then present the received data at operation5070 (e.g., such as by storing, displaying or playing, retransmitting orotherwise consuming the data consistent with the digital rightsmanagement restrictions).

FIG. 6 shows one example of a method of providing data to a trustedauthority by a data authority according to some examples of the presentdisclosure. At operation 6005 the data authority and the trustedauthority may establish a communication session as previously described.At operation 6010 the data authority may connect with the trustedauthority and receive a discovery request attempting to discover a dataauthority system. The data authority may send a reply to the trustedauthority at 6020. This reply may indicate the types of data availableand the DRM associated with that data. At operation 6030 the dataauthority may receive an access request from the trusted authority. Theaccess request may contain a URI or other identifier of the trustedauthority. This identifier may allow the data authority to contact acertificate authority to get a public key for the trusted authority. Ifthe data authority is successful at getting a public key, at operation6040 the data authority may respond with an access response. The accessresponse may be encrypted with the trusted authority's public key andmay contain the vehicle's URI or other identifier as well as the accessrestrictions on the requested data. At operation 6050 the data authoritymay receive a data request. The data request may be decrypted using theprivate key of the data authority. At this point the data authority maycollect the required data by either contacting the various sensors orsystems or by retrieving the data from storage. At operation 6060 thedata authority may send the requested data to the trusted authoritysystem.

FIG. 7 shows an example schematic 7000 of a trusted authority 7010according to some examples of the present disclosure. Input/outputmodule 7020 may communicate with the data authority to make datainquiries and to receive sensor data. Input/output module 7020 maycommunicate with the data authority through short range wireless linkssuch as BLUETOOTH, Wi-Fi, Wi-Fi Direct, ZigBee, Near FieldCommunications (NFC), or the like. Input/output module 7020 may alsocommunicate with the data authority over a network through a long rangewireless link such as 4^(th) generation wireless data links (e.g., LongTerm Evolution (LTE)), 3^(rd) generation wireless data links (e.g.,Universal Mobile Telecommunications Service (UMTS), 2^(nd) generationwireless links (e.g., such as General Packet Radio Service (GPRS)) orthe like. Input/output module 7020 may also communicate with the dataauthority over a network through a wired link such as an Ethernet link,a fiber optic link, a POTS (Plain Old Telephone System) link, or thelike. As already noted, the data authority may be a computer system inthe vehicle which may be accessed directly through one or more wirelesslinks, or indirectly through a network (e.g., the Internet). Inaddition, the data authority may instead be located at least partiallyat a central server. The trusted authority system may then contact thecentral server over a network and communicate with the central server.The central server may then contact each vehicle for the requested data.Input/output module 7020 may also communicate with a certificateauthority over the long range wireless link. In some examples,Input/output module 7020 may communicate with a location register overthe long term wireless link.

Control module 7030 may send discovery requests to the data authorityvia the input/output module 7020 and may process the response. Controlmodule may utilize the encryption and decryption module 7065 to encryptand decrypt messages and responses. Encryption and decryption module7065 may be responsible for obtaining public keys of the data authorityfrom a certificate authority via the input/output module 7020. Controlmodule may also generate access requests based upon the type of datarequested by the user. Digital rights management module 7060 may beresponsible for managing the content protection in the data returned bythe data authority.

Control module 7030 may also request data from the data authority basedupon user input from the authority figure. Once the data is receivedfrom the data authority, the DRM module 7060 and the data processingmodule 7070 may process the data. For example, the data may be placed instorage 7090. In some examples, the data may be retransmitted to anotherlocation via the input/output module 7020, and in other examples it maybe presented to the authority figure through presentation module 7080.The usage of the data may be restricted by the digital rights managementemployed by the data authority.

Presentation module 7080 may allow the authority figure to view theavailable data and the associated permissions (returned as a result ofthe discovery response in some examples) and select the data theauthority figure is interested in receiving. The data, once received,may then be displayed to the authority figure through presentationmodule 7080. For example, presentation module 7080 may be or control atouch screen user interface display, a voice control system, or thelike.

FIG. 8 shows an example schematic 8000 of a data authority 8010according to some examples of the present disclosure. The variousfunctionality of the data authority may be integrated into a computersystem in the vehicle, or may be spread across multiple physicaldevices. As already noted, the data authority 8010 may be a computersystem in the vehicle which may be accessed by the trusted authoritydirectly through one or more wireless links, or indirectly through anetwork (e.g., the Internet). In addition, the data authority 8010 mayinstead be located at least partially at a central server. In thoseparticular examples, the trusted authority may then contact the centralserver over a network and communicate with the central server. Thecentral server may then contact each vehicle which may then provide therequested data.

Input/output module 8020 may communicate with a trusted authority torespond to inquiries and to provide sensor data. Input/output module8020 may communicate with the trusted authority through short rangewireless links such as BLUETOOTH, Wi-Fi, Wi-Fi Direct, ZigBee, NearField Communications (NFC), or the like. Input/output module 8020 mayalso communicate with the trusted authority over a network through along range wireless link such as 4^(th) generation wireless data links(e.g., Long Term Evolution (LTE)), 3^(rd) generation wireless data links(e.g., Universal Mobile Telecommunications Service (UMTS), 2^(nd)generation wireless links (e.g., such as General Packet Radio Service(GPRS)) or the like. Input/output module 8020 may also communicate witha certificate authority over the long range wireless link. In someexamples, Input/output module 8020 may communicate with a locationregister over the long term wireless link. Input/output module 8020 mayalso be linked over one or more interconnects to one or more sensors inthe vehicle. For example, Input/Output module 8020 may be capable ofcommunicating with various integrated automotive sensors over acontroller area network (CAN) bus interface. Other ways of communicatingwith sensors may be supported and may include a short range wirelessinterface such as BLUETOOTH, Near Field Communications (NFC), RadioFrequency Identification (RFID), and the like.

Control module 8030 may receive discovery requests from the trustedauthority via the input/output module 8020 and may generate anappropriate response based upon the sensor data it has available to itor based upon a list of available data. For example, data collectionmodule 8040 may periodically poll various sensors via the input/outputmodule 8020, or may receive sensor data automatically from the sensorsvia the input/output module 8020. This sensor data may be stored instorage 8050. In alternative examples, the data collection module 8040may only collect data on request. In these examples, a list of availabledata may be stored in storage 8050. Control module may utilize theencryption and decryption module 8065 to encrypt and decrypt responses.Encryption and decryption module 8065 may be responsible for obtainingpublic keys of the trusted authority from a certificate authority viathe input/output module 8020. Control module may also respond to accessrequests by consulting digital rights management module 8060 and byconsulting the user preferences, which may be stored in storage 8050.Digital rights management module 8060 may be responsible for contentprotecting the data returned by the data collection module 8040 prior totransmission to the trusted authority in accordance with the userpreferences and permissions. DRM module 8060 may also advise the controlmodule 8030 on the preferences of the user with respect to the datatypes that are available.

Control module 8030 may also respond to the data stream requests bychecking to see if the requested data stream is allowed and by causingthe data collection module 8040 to transmit the data after it is contentprotected appropriately by the DRM module 8060.

Presentation module 8070 may inform the occupants of the automobile ofstatus of the process and accept input and provide output in order toallow the user to have control over what data is sent. For example,presentation module 8070 may be or control a touch screen user interfacedisplay, a voice control system, or the like.

In other examples, the trusted authority may request permission to viewthe data from a judicial authority in addition to, or instead of, thedata authority. For example, a trusted authority may contact a judicialcomputing system to obtain a warrant to access data on the dataauthority. The warrant that is returned by the judicial computing systemmay include a digital signature verifying that the warrant was from ajudicial authority. The trusted authority may then forward this warrantas part of the data request. Upon receipt of this warrant, the dataauthority may grant access regardless of the permissions granted by thevehicle occupants and begin sending data.

While many embodiments disclosed herein are directed at policeencounters, other uses are possible. For example, if a car with a dataauthority is involved in an accident, the data authority may log alldata for a period of time before and after the accident. This mayinclude contacting other data authorities for nearby vehicles andlogging, or asking them to store, sensor data and identification data.Thus police may be able to better reconstruct an accident and may beable to determine witnesses. In other examples, ambulances may have atrusted authority system. After an accident, the ambulance may requestsensor data of the car (including sensor data which may provideinformation on attributes of the car before and after the accident) aswell as information on occupants of the car. Additionally, in someexamples, an occupant's medical insurance card may be equipped withsmart card technology which may incorporate medical information that maybe read by the data authority and then passed on to the trustedauthority of emergency crews in an accident situation. In some examples,during an accident situation, the driver may not be able to grantpermissions. In these examples, the data authority may provide the datato emergency crews regardless of user permissions. In other examples,the user or occupants may specify ahead of time certain data that may beautomatically provided after a crash. Thus when the car detects acollision (e.g., through detection of an airbag deployment), the car mayswitch to the permissions specified by the user in the event of anaccident. Thus the permissions may be made even more granular to specifydifferent permissions for each situation in which the data authority maybe presented.

Modules, Components and Logic

Certain embodiments are described herein as including logic or a numberof components, modules, or mechanisms. Modules may constitute eithersoftware modules (e.g., code embodied on a machine-readable medium or ina transmission signal) or hardware modules. A hardware module is atangible unit capable of performing certain operations and may beconfigured or arranged in a certain manner. In example embodiments, oneor more computing devices (e.g., a standalone, client or servercomputing device) or one or more hardware modules of a computing device(e.g., a processor or a group of processors) may be configured bysoftware (e.g., an application or application portion) as a hardwaremodule that operates to perform certain operations as described herein.

In various embodiments, a hardware module may be implementedmechanically or electronically. For example, a hardware module maycomprise dedicated circuitry or logic that is permanently configured(e.g., as a special-purpose processor, such as a field programmable gatearray (FPGA) or an application-specific integrated circuit (ASIC)) toperform certain operations. A hardware module may also compriseprogrammable logic or circuitry (e.g., as encompassed within ageneral-purpose processor or other programmable processor) that istemporarily configured by software to perform certain operations. Itwill be appreciated that the decision to implement a hardware modulemechanically, in dedicated and permanently configured circuitry, or intemporarily configured circuitry (e.g., configured by software) may bedriven by cost and time considerations.

Accordingly, the term “hardware module” should be understood toencompass a tangible entity, be that an entity that is physicallyconstructed, permanently configured (e.g., hardwired) or temporarilyconfigured (e.g., programmed) to operate in a certain manner and/or toperform certain operations described herein. Considering embodiments inwhich hardware modules are temporarily configured (e.g., programmed),each of the hardware modules need not be configured or instantiated atany one instance in time. For example, where the hardware modulescomprise a general-purpose processor configured using software, thegeneral-purpose processor may be configured as respective differenthardware modules at different times. Software may accordingly configurea processor, for example, to constitute a particular hardware module atone instance of time and to constitute a different hardware module at adifferent instance of time.

Hardware modules may provide information to, and receive informationfrom, other hardware modules. Accordingly, the described hardwaremodules may be regarded as being communicatively coupled. Where multipleof such hardware modules exist contemporaneously, communications may beachieved through signal transmission (e.g., over appropriate circuitsand buses) that connect the hardware modules. In embodiments in whichmultiple hardware modules are configured or instantiated at differenttimes, communications between such hardware modules may be achieved, forexample, through the storage and retrieval of information in memorystructures to which the multiple hardware modules have access. Forexample, one hardware module may perform an operation and store theoutput of that operation in a memory device to which it iscommunicatively coupled. A further hardware module may then, at a latertime, access the memory device to retrieve and process the storedoutput. Hardware modules may also initiate communications with input oroutput devices, and may operate on a resource (e.g., a collection ofinformation).

The various operations of example methods described herein may beperformed, at least partially, by one or more processors that aretemporarily configured (e.g., by software) or permanently configured toperform the relevant operations. Whether temporarily or permanentlyconfigured, such processors may constitute processor-implemented modulesthat operate to perform one or more operations or functions. The modulesreferred to herein may, in some example embodiments, compriseprocessor-implemented modules.

Similarly, the methods described herein may be at least partiallyprocessor-implemented. For example, at least some of the operations of amethod may be performed by one or processors or processor-implementedmodules. The performance of certain of the operations may be distributedamong the one or more processors, not only residing within a singlemachine, but deployed across a number of machines. In some exampleembodiments, the processor or processors may be located in a singlelocation (e.g., within a home environment, an office environment or as aserver farm), while in other embodiments the processors may bedistributed across a number of locations.

The one or more processors may also operate to support performance ofthe relevant operations in a “cloud computing” environment or as a“software as a service” (SaaS). For example, at least some of theoperations may be performed by a group of computers (as examples ofmachines including processors), with these operations being accessiblevia a network (e.g., the Internet) and via one or more appropriateinterfaces (e.g., APIs).

Electronic Apparatus and System

Example embodiments may be implemented in digital electronic circuitry,or in computer hardware, firmware, software, or in combinations of them.Example embodiments may be implemented using a computer program product,for example, a computer program tangibly embodied in an informationcarrier, for example, in a machine-readable medium for execution by, orto control the operation of, data processing apparatus, for example, aprogrammable processor, a computer, or multiple computers.

A computer program may be written in any form of programming language,including compiled or interpreted languages, and it may be deployed inany form, including as a stand-alone program or as a module, subroutine,or other unit suitable for use in a computing environment. A computerprogram may be deployed to be executed on one computer or on multiplecomputers at one site or distributed across multiple sites andinterconnected by a communication network.

In example embodiments, operations may be performed by one or moreprogrammable processors executing a computer program to performfunctions by operating on input data and generating output. Methodoperations may also be performed by, and apparatus of exampleembodiments may be implemented as, special purpose logic circuitry(e.g., a FPGA or an ASIC).

The computing device may include clients and servers. A client andserver are generally remote from each other and typically interactthrough a communication network. The relationship of client and serverarises by virtue of computer programs running on the respectivecomputers and having a client-server relationship to each other. Inembodiments deploying a programmable computing system, it will beappreciated that both hardware and software architectures requireconsideration. Specifically, it will be appreciated that the choice ofwhether to implement certain functionality in permanently configuredhardware (e.g., an ASIC), in temporarily configured hardware (e.g., acombination of software and a programmable processor), or a combinationof permanently and temporarily configured hardware may be a designchoice. Below are set out hardware (e.g., machine) and softwarearchitectures that may be deployed, in various example embodiments.

Example Machine Architecture and Machine-Readable Medium

FIG. 9 is a block diagram of a machine in the example form of acomputing device 9000 within which instructions, for causing the machineto perform any one or more of the methodologies discussed herein, may beexecuted. For example, any one of the components shown in FIG. 1-3, 7,or 8 may be or contain one or more of the components described in FIG.9. In alternative embodiments, the machine operates as a standalonedevice or may be connected (e.g., networked) to other machines. In anetworked deployment, the machine may operate in the capacity of aserver or a client machine in server-client network environment, or as apeer machine in a peer-to-peer (or distributed) network environment. Themachine may be a personal computer (PC), a notebook PC, a dockingstation, a wireless access point, a tablet PC, a set-top box (STB), aPDA, a cellular telephone, a smartphone, a web appliance, a networkrouter, switch or bridge, or any machine capable of executinginstructions (sequential or otherwise) that specify actions to be takenby that machine. Further, while only a single machine is illustrated,the term “machine” shall also be taken to include any collection ofmachines that individually or jointly execute a set (or multiple sets)of instructions to perform any one or more of the methodologiesdiscussed herein. The machine may contain components not shown in FIG. 9or only a subset of the components shown in FIG. 9.

The example computing device 9000 includes a processor 9002 (e.g., acentral processing unit (CPU), a graphics processing unit (GPU) orboth), a main memory 9004 and a static memory 9006, which communicatewith each other via an interconnect 9008 (e.g., bus or link). Thecomputing device 9000 may further include a video display unit 9010(e.g., a liquid crystal display (LCD) or a cathode ray tube (CRT)). Thecomputing device 9000 may also include an alphanumeric input device 9012(e.g., a keyboard), a user interface (UI) navigation device 9014 (e.g.,a mouse), a disk drive unit 9016, a signal generation device 9018 (e.g.,a speaker) and a network interface device 9020.

Machine-Readable Medium

The disk drive unit 9016 includes a machine-readable medium 9022 onwhich is stored one or more sets of instructions and data structures(e.g., software) 9024 embodying or used by any one or more of themethodologies or functions described herein. The instructions 9024 mayalso reside, completely or at least partially, within the main memory9004, static memory 9006, and/or within the processor 9002 duringexecution thereof by the computing device 9000, the main memory 9004 andthe processor 9002 also constituting machine-readable media.

While the machine-readable medium 9022 is shown in an example embodimentto be a single medium, the term “machine-readable medium” may include asingle medium or multiple media (e.g., a centralized or distributeddatabase, and/or associated caches and servers) that store the one ormore instructions or data structures. The term “machine-readable medium”shall also be taken to include any tangible medium that is capable ofstoring, encoding or carrying instructions for execution by the machineand that cause the machine to perform any one or more of themethodologies of the present invention, or that is capable of storing,encoding or carrying data structures used by or associated with suchinstructions. The term “machine-readable medium” shall accordingly betaken to include, but not be limited to, solid-state memories, andoptical and magnetic media. Specific examples of machine-readable mediainclude non-volatile memory, including by way of example, semiconductormemory devices (e.g., Erasable Programmable Read-Only Memory (EPROM),Electrically Erasable Programmable Read-Only Memory (EEPROM)) and flashmemory devices; magnetic disks such as internal hard disks and removabledisks; magneto-optical disks; and CD-ROM and DVD-ROM disks.

Transmission Medium

The instructions 9024 may further be transmitted or received over acommunications network 9026 using a transmission medium. Theinstructions 9024 may be transmitted using the network interface device9020 and any one of a number of well-known transfer protocols (e.g.,HTTP). Examples of communication networks include a LAN, a WAN, theInternet, mobile telephone networks, Plain Old Telephone (POTS)networks, and wireless data networks (e.g., WiFi and WiMax networks).The term “transmission medium” shall be taken to include any intangiblemedium that is capable of storing, encoding or carrying instructions forexecution by the machine, and includes digital or analog communicationssignals or other intangible media to facilitate communication of suchsoftware. Network interface 9020 may wirelessly transmit data and mayinclude an antenna.

Although the present invention has been described with reference tospecific example embodiments, it will be evident that variousmodifications and changes may be made to these embodiments withoutdeparting from the broader spirit and scope of the invention.Accordingly, the specification and drawings are to be regarded in anillustrative rather than a restrictive sense.

Although an embodiment has been described with reference to specificexample embodiments, it will be evident that various modifications andchanges may be made to these embodiments without departing from thebroader spirit and scope of the invention. Accordingly, thespecification and drawings are to be regarded in an illustrative ratherthan a restrictive sense. The accompanying drawings that form a parthereof, show by way of illustration, and not of limitation, specificembodiments in which the subject matter may be practiced. Theembodiments illustrated are described in sufficient detail to enablethose skilled in the art to practice the teachings disclosed herein.Other embodiments may be used and derived therefrom, such thatstructural and logical substitutions and changes may be made withoutdeparting from the scope of this disclosure. This Detailed Description,therefore, is not to be taken in a limiting sense, and the scope ofvarious embodiments is defined only by the appended claims, along withthe full range of equivalents to which such claims are entitled.

Such embodiments of the inventive subject matter may be referred toherein, individually and/or collectively, by the term “invention” merelyfor convenience and without intending to voluntarily limit the scope ofthis application to any single invention or inventive concept if morethan one is in fact disclosed. Thus, although specific embodiments havebeen illustrated and described herein, it should be appreciated that anyarrangement calculated to achieve the same purpose may be substitutedfor the specific embodiments shown. This disclosure is intended to coverany and all adaptations or variations of various embodiments.Combinations of the above embodiments, and other embodiments notspecifically described herein, will be apparent to those of skill in theart upon reviewing the above description.

In addition, in the foregoing Detailed Description, it may be seen thatvarious features are grouped together in a single embodiment for thepurpose of streamlining the disclosure. This method of disclosure is notto be interpreted as reflecting an intention that the claimedembodiments require more features than are expressly recited in eachclaim. Rather, as the following claims reflect, inventive subject matterlies in less than all features of a single disclosed embodiment. Thusthe following claims are hereby incorporated into the DetailedDescription, with each claim standing on its own as a separateembodiment.

OTHER EXAMPLES

The following are illustrative and non-limiting examples.

Example 1 includes subject matter (such as a method, means forperforming acts, machine readable medium including instructions)comprising a method performed at a trusted authority, the methodincluding establishing a wireless communication session with a dataauthority, the data authority integrated in a nearby vehicle; performinga discovery process with the data authority, the discovery processinforming the data authority of a plurality of data types that areavailable to the trusted authority, the plurality of data types that areavailable related to an attribute of the nearby vehicle; receivinginformation on a data type of interest, the data type of interest amongthe plurality of data types that are available; performing an accessrequest process, the access request process determining the accessrights granted by the data authority to the trusted authority for thedata type of interest; requesting data corresponding to the data type ofinterest; receiving the data corresponding to the requested data type ofinterest; and presenting the data to a public official in the course oftheir official public duties in accordance with the access rightsgranted to the data.

In example 2, the subject matter of example 1 may optionally include,wherein the wireless communication session is a direct communicationsession.

In example 3, the subject matter of one or more of examples 1-2 mayoptionally include, wherein the wireless communication session is oneof: a Wi-Fi Direct communication session, a BLUETOOTH communicationsession, a ZigBee communication session, and a Near Field Communicationscommunication session.

In example 4, the subject matter of one or more of examples 1-3 mayoptionally include, wherein the wireless communication session isthrough a network.

In example 5, the subject matter of one or more of examples 1-4 mayoptionally include, determining a Uniform Resource Identifier (URI)corresponding to the data authority; sending the URI to a locationregister over the network; receiving an Internet Protocol (IP) addressof the data authority from the location register; and whereinestablishing the wireless communication session includes contacting thedata authority using the IP address.

In example 6, the subject matter of one or more of examples 1-5 mayoptionally include, wherein the access rights grant the trustedauthority the ability to perform at least: viewing the data, storing thedata, and retransmitting the data.

In example 7, the subject matter of one or more of examples 1-6 mayoptionally include determining a Uniform Resource Identifier (URI)corresponding to the data authority; contacting a certificate authorityto retrieve a public key for the data authority; and encrypting messagessent to the data authority using the public key.

Example 8 includes or may optionally be combined with the subject matterof any one of examples 1-7 to include subject matter (such as a device,apparatus, or machine) including a trusted authority system including:an input and output module configured to: establish a wirelesscommunication session with a data authority, the data authorityintegrated in a nearby vehicle; a control module configured to: performa discovery process with the data authority, the discovery processinforming the data authority of a plurality of data types that areavailable to the trusted authority, the plurality of data types that areavailable related to an attribute of the nearby vehicle; receiveinformation on a data type of interest, the data type of interest amongthe plurality of data types that are available; perform an accessrequest process, the access request process determining the accessrights granted by the data authority to the trusted authority for thedata type of interest; request data corresponding to the data type ofinterest; wherein the input and output module is configured to receivethe data corresponding to the data type of interest; and a presentationmodule configured to: present the data to a public official in thecourse of their official public duties in accordance with the accessrights granted to the data.

In example 9, the subject matter of any one or more of examples 1-8 mayoptionally include, wherein the wireless communication session is adirect communication session.

In example 10, the subject matter of any one or more of examples 1-9 mayoptionally include, wherein the wireless communication session is oneof: a Wi-Fi Direct communication session, a BLUETOOTH communicationsession, a ZigBee communication session, and a Near Field Communicationscommunication session.

In example 11, the subject matter of any one or more of examples 1-10may optionally include, wherein the wireless communication session isthrough a network.

In example 12, the subject matter of any one or more of examples 1-11may optionally include, wherein the control module is further configuredto: determine a Uniform Resource Identifier (URI) corresponding to thedata authority; send the URI to a location register over the network;receive an Internet Protocol (IP) address of the data authority from thelocation register; and wherein establishing the wireless communicationsession includes contacting the data authority using the IP address.

In example 13, the subject matter of any one or more of examples 1-12may optionally include, wherein the access rights grant the trustedauthority the ability to perform at least: viewing the data, storing thedata, and retransmitting the data.

In example 14, the subject matter of any one or more of examples 1-13may optionally include, wherein the control module is further configuredto: determine a Uniform Resource Identifier (URI) corresponding to thedata authority; and wherein the system further comprises an encryptionmodule configured to: contact a certificate authority to retrieve apublic key for the data authority; and encrypt messages sent to the dataauthority using the public key.

Example 15 includes or may optionally be combined with the subjectmatter of any one of examples 1-14 to include subject matter (such as amethod, means for performing acts, machine readable medium includinginstructions for) comprising at a trusted authority: establishing awireless communication session with a data authority, the data authorityintegrated in a nearby vehicle; performing a discovery process with thedata authority, the discovery process informing the data authority of aplurality of data types that are available to the trusted authority, theplurality of data types that are available related to an attribute ofthe nearby vehicle; receiving information on a data type of interest,the data type of interest among the plurality of data types that areavailable; performing an access request process, the access requestprocess determining the access rights granted by the data authority tothe trusted authority for the data type of interest; requesting datacorresponding to the data type of interest; receiving the datacorresponding to the requested data type of interest; and presenting thedata to a public official in the course of their official public dutiesin accordance with the access rights granted to the data.

In example 16, the subject matter of one or more of examples 1-15 mayoptionally include, wherein the wireless communication session is adirect communication session.

In example 17, the subject matter of one or more of examples 1-16 mayoptionally include, wherein the wireless communication session is oneof: a Wi-Fi Direct communication session, a BLUETOOTH communicationsession, a ZigBee communication session, and a Near Field Communicationscommunication session.

In example 18, the subject matter of one or more of examples 1-17 mayoptionally include, wherein the wireless communication session isthrough a network.

In example 19, the subject matter of one or more of examples 1-18 mayoptionally include, wherein the instructions further includeinstructions, which when performed by the machine, cause the machine toperform the operations including: determining a Uniform ResourceIdentifier (URI) corresponding to the data authority; sending the URI toa location register over the network; receiving an Internet Protocol(IP) address of the data authority from the location register; andwherein establishing the wireless communication session includescontacting the data authority using the IP address.

In example 20, the subject matter of one or more of examples 1-19 mayoptionally include, wherein the access rights grant the trustedauthority the ability to perform at least: viewing the data, storing thedata, and retransmitting the data.

In example 21, the subject matter of one or more of examples 1-20 mayoptionally include, wherein the instructions further includeinstructions, which when performed by the machine, cause the machine toperform the operations including: determining a Uniform ResourceIdentifier (URI) corresponding to the data authority; contacting acertificate authority to retrieve a public key for the data authority;and encrypting messages sent to the data authority using the public key.

Example 22 includes or may optionally be combined with the subjectmatter of any one of examples 1-21 to include subject matter (such as amethod, means for performing acts, machine readable medium includinginstructions) comprising establishing a wireless communication sessionwith a trusted authority, the trusted authority integrated in a nearbyvehicle and operated by a public official in the course of theirofficial public duties; responding to a discovery request with anindication of one or more available data types, the available data typesrelated to an attribute of the vehicle; receiving a request for datacorresponding to the one or more available data types; informing thetrusted authority of access rights corresponding to the data; receivingan access request for the data; collecting the data by communicatingwith at least one on-board sensor in the vehicle; and sending the dataresponsive to receiving a request for the data.

In example 23, the subject matter of one or more of examples 1-22 mayoptionally include, wherein the wireless communication session is adirect communication session.

In example 24, the subject matter of one or more of examples 1-23 mayoptionally include, wherein the wireless communication session is oneof: a Wi-Fi Direct communication session, a BLUETOOTH communicationsession, a ZigBee communication session, and a Near Field Communicationscommunication session.

In example 25, the subject matter of one or more of examples 1-24 mayoptionally include, wherein the wireless communication session isthrough a network.

In example 26, the subject matter of one or more of examples 1-25 mayoptionally include, wherein the access rights grant the trustedauthority the ability to perform at least: viewing the data, storing thedata, and retransmitting the data.

In example 27, the subject matter of one or more of examples 1-26 mayoptionally include, determining a Uniform Resource Identifier (URI)corresponding to the trusted authority; contacting a certificateauthority to retrieve a public key for the trusted authority; andencrypting messages sent to the trusted authority using the public key.

In example 28, the subject matter of one or more of examples 1-27 mayoptionally include, wherein the URI includes a license plate number ofthe trusted authority.

Example 29 includes or may optionally be combined with the subjectmatter of any one of examples 1-28 to include subject matter (such as adevice, apparatus, or machine) comprising a data authority integratedinto a vehicle, the data authority including an input and output moduleconfigured to: establish a wireless communication session with a trustedauthority, the trusted authority integrated in a nearby vehicle andoperated by a public official in the course of their official publicduties; a control module configured to: respond to a discovery requestwith an indication of one or more available data types, the availabledata types related to an attribute of the vehicle; receive a request fordata corresponding to the one or more available data types; inform thetrusted authority of access rights corresponding to the data; receive anaccess request for the data; and wherein the input and output module isfurther configured to: collect the data by communicating with at leastone on-board sensor in the vehicle; and send the data responsive toreceiving a request for the data.

In example 30, the subject matter of one or more of examples 1-29 mayoptionally include, wherein the wireless communication session is adirect communication session.

In example 31, the subject matter of one or more of examples 1-30 mayoptionally include, wherein the wireless communication session is oneof: a Wi-Fi Direct communication session, a BLUETOOTH communicationsession, a ZigBee communication session, and a Near Field Communicationscommunication session.

In example 32, the subject matter of one or more of examples 1-31 mayoptionally include, wherein the wireless communication session isthrough a network.

In example 33, the subject matter of one or more of examples 1-32 mayoptionally include, wherein the access rights grant the trustedauthority the ability to perform at least: viewing the data, storing thedata, and retransmitting the data.

In example 34, the subject matter of one or more of examples 1-33 mayoptionally include, an encryption module configured to: determine aUniform Resource Identifier (URI) corresponding to the trustedauthority; contact a certificate authority to retrieve a public key forthe trusted authority; and encrypt messages sent to the trustedauthority using the public key.

In example 35, the subject matter of one or more of examples 1-34 mayoptionally include, wherein the URI includes a license plate number ofthe trusted authority.

Example 36 includes or may optionally be combined with the subjectmatter of any one of examples 1-35 to include subject matter (such as amethod, means for performing acts, machine readable medium includinginstructions) comprising at a data authority: establishing a wirelesscommunication session with a trusted authority, the trusted authorityintegrated in a nearby vehicle and operated by a public official in thecourse of their official public duties; responding to a discoveryrequest with an indication of one or more available data types, theavailable data types related to an attribute of the vehicle; receiving arequest for data corresponding to the one or more available data types;informing the trusted authority of access rights corresponding to thedata; receiving an access request for the data; collecting the data bycommunicating with at least one on-board sensor in the vehicle; andsending the data responsive to receiving a request for the data.

In example 37, the subject matter of one or more of examples 1-36 mayoptionally include, wherein the wireless communication session is adirect communication session.

In example 38, the subject matter of one or more of examples 1-37 mayoptionally include, wherein the wireless communication session is oneof: a Wi-Fi Direct communication session, a BLUETOOTH communicationsession, a ZigBee communication session, and a Near Field Communicationscommunication session.

In example 39, the subject matter of one or more of examples 1-38 mayoptionally include, wherein the wireless communication session isthrough a network.

In example 40, the subject matter of one or more of examples 1-39 mayoptionally include, wherein the access rights grant the trustedauthority the ability to perform at least: viewing the data, storing thedata, and retransmitting the data.

In example 41, the subject matter of one or more of examples 1-40 mayoptionally include determining a Uniform Resource Identifier (URI)corresponding to the trusted authority; contacting a certificateauthority to retrieve a public key for the data authority; andencrypting messages sent to the data authority using the public key.

In example 42, the subject matter of one or more of examples 1-41 mayoptionally include, wherein the URI includes a license plate number ofthe trusted authority.

What is claimed is:
 1. A method performed at a trusted authority, themethod comprising: establishing a wireless communication session with adata authority, the data authority integrated in a nearby vehicle;performing a discovery process with the data authority, the discoveryprocess informing the data authority of a plurality of data types thatare available to the trusted authority, the plurality of data types thatare available related to an attribute of the nearby vehicle; receivinginformation on a data type of interest, the data type of interest amongthe plurality of data types that are available; performing an accessrequest process, the access request process determining the accessrights granted by the data authority to the trusted authority for thedata type of interest; requesting data corresponding to the data type ofinterest; receiving the data corresponding to the requested data type ofinterest; and presenting the data to a public official in the course oftheir official public duties in accordance with the access rightsgranted to the data.